The remote Ubuntu host is missing one or more security-related
patches.

Description :

Thijs Alkemade and Robert Vehse discovered that Pidgin incorrectly
handled the Yahoo! protocol. A remote attacker could use this issue to
cause Pidgin to crash, resulting in a denial of service.
(CVE-2012-6152)

Jaime Breva Ribes discovered that Pidgin incorrectly handled the XMPP
protocol. A remote attacker could use this issue to cause Pidgin to
crash, resulting in a denial of service. (CVE-2013-6477)

It was discovered that Pidgin incorrecly handled long URLs. A remote
attacker could use this issue to cause Pidgin to crash, resulting in a
denial of service. (CVE-2013-6478)

Jacob Appelbaum discovered that Pidgin incorrectly handled certain
HTTP responses. A malicious remote server or a man in the middle could
use this issue to cause Pidgin to crash, resulting in a denial of
service. (CVE-2013-6479)

Daniel Atallah discovered that Pidgin incorrectly handled the Yahoo!
protocol. A remote attacker could use this issue to cause Pidgin to
crash, resulting in a denial of service. (CVE-2013-6481)

Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin
incorrectly handled the MSN protocol. A remote attacker could use this
issue to cause Pidgin to crash, resulting in a denial of service.
(CVE-2013-6482)

It was discovered that Pidgin incorrectly handled STUN server
responses. A remote attacker could use this issue to cause Pidgin to
crash, resulting in a denial of service. (CVE-2013-6484)

Matt Jones discovered that Pidgin incorrectly handled certain chunked
HTTP responses. A malicious remote server or a man in the middle could
use this issue to cause Pidgin to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2013-6485)

Yves Younan and Ryan Pentney discovered that Pidgin incorrectly
handled certain Gadu-Gadu HTTP messages. A malicious remote server or
a man in the middle could use this issue to cause Pidgin to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2013-6487)

Yves Younan and Pawel Janic discovered that Pidgin incorrectly handled
MXit emoticons. A remote attacker could use this issue to cause Pidgin
to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2013-6489)

Yves Younan discovered that Pidgin incorrectly handled SIMPLE headers.
A remote attacker could use this issue to cause Pidgin to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2013-6490)

Daniel Atallah discovered that Pidgin incorrectly handled IRC argument
parsing. A malicious remote server or a man in the middle could use
this issue to cause Pidgin to crash, resulting in a denial of service.
(CVE-2014-0020).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Contact

The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.